2 Answers
2

With SSH Keys, each user has his own private key(s) which are shared with no one. On each server+account for which you want to grant that user access, you add the key signature to the authorized_keys file. If you ever want to revoke access, you remove that user from the file. You can also specify restrictions on what each user (i.e. each key) can do, so if you log in with a given key certain limitations apply.